> Would now be a good time for a concrete proposal for language or
> should we wait for more discussion first?
For the existing generation spec, or some subsequent revision?
Going forward, the fix IMHO is either using a URI-valued Encoding attribute
inside the X509Certificate element, or defining the future version of
ds:X509Certificate to be DER (or perhaps DER/BER) only and requiring
alternate encodings to be defined with extended X509Data children.
I believe somebody expressed a strong preference for the latter, and that's
arguably cleaner.
-- Scott